Jump to:navigation, search
Wiki

VLAN interface

From Securepoint Wiki





notempty
Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!

notempty
Der Artikel für die neueste Version steht hier

notempty
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Reseller-Preview bezieht








































































De.png
En.png
Fr.png

Create and configure a VLAN interface


Last adaptation to the version: 12.1

New:

  • Layout adjustment


Previous versions: 11.7


Creating a VLAN interface

The creation of a Vlan interface is done under → Network →Network ConfigurationTab Network interfaces by pressing the VLAN button.







































Caption Value Description

Wizard step 1 (name and IP address)

Name: LAN1.100 The name of the virtual interface is automatically formed from the physical interface used and the VLAN ID UTM v12.2 Netzwerkkonfiguration VLAN Assistent1-en.png
Wizard step 1
Interface: LAN1 physical interface used
VLAN ID 100Link= VLAN ID used (here:100)
IP address: 10.10.55.1/24 IP address of the virtual interface
DHCP Client off When activated, the interface obtains its IP address as a client from a DHCP server.
Next

Wizard Step 2 (Zones)

Zones     Under the menu item Zones, the zones of the interface are displayed or defined.
For a better understanding there is a corresponding article Zone concept in the Wiki.		 UTM v12.2 Netzwerkkonfiguration VLAN Assistent2-en.png
Wizard step 2
Add new zone Yes Automatically adds a new zone and associates it with the virtual interface.
The associated zone for the interface itself (firewall-) is automatically generated and does not need to be specified.
dmz0 Name for the new zone
Generate rules: No Creates autogenerated rules to facilitate commissioning. These rules cannot be changed and must be replaced by individual rules in any case.
Complete the wizard with Done
The resulting VLAN configuration might look like the following:UTM v12.2 Netzwerkkonfiguration VLAN Beispiel-en.png

Edit VLAN interface

General

General
Name: LAN1.100 The name of the virtual interface is automatically formed from the physical interface used and the VLAN ID UTM v12.2 Netzwerkkonfiguration VLAN Allgemein-en.png
Tab General
Interface: LAN! physical interface used
VLAN ID 100Link= VLAN ID used (here:100)
MTU 1500Link= The Maximum Transmission Unit specifies the maximum packet size in bytes that can be transmitted without fragmentation.
DHCP Client off When activated, the interface obtains its IP address as a client from a DHCP server.
Router Advertisement: Off Routers announce their presence in the network via Router Advertisement(RA). This happens periodically or on Router Solicitation requests (RS-Request).
If the UTM has received an IPv6 prefix, it can announce the subnet via Router Advertisement in the network segment behind the interface. (See article IPv6 Prefix Delegation)
Route Hint IPv4 192.0.2.192/---  Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP.
Route Hint IPv6 2001:DB8::123/---  Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP.
IPv6 Prefix Delegation Off Enables IPv6 prefix delegation to get IPv6 prefixes allocated on this interface.

IP addresses

IP addresses
IP addresses: »10.10.55.1/24 By clicking in the click box, one or more addresses can be placed on an interface. UTM v12.2 Netzwerkkonfiguration VLAN IP-Adressen-en.png
IP addresses tab

Zones

Zones
Zones »dmz0 »firewall-dmz0 Under the menu item Zones, the zones of the interface are displayed or defined.
For a better understanding there is a corresponding article Zone concept in the Wiki. 		UTM v12.2 Netzwerkkonfiguration VLAN Zonen-en.png
Tab zones

DynDNS

DynDNS
Enabled: Yes Enables or disables (default) the DynDNS function UTM v12.6 Ethernet Schnittstelle bearbeiten dyndns-en.png
DynDNS settings
Hostname: hostname.spdns.de Desired Hostname
User: hostname.spdns.de The corresponding user name must be entered here.
  • If linked to a reseller account, the corresponding host name must be entered here
    • Password:     The password must be entered here.
  • If linked to a reseller account, the update token must be entered here.
    • Server: update.spdyn.de The securepoint update server
    MX:    
    Webresolver: On Must be activated if the NAT router is located before the DNS (i.e.: UTM → Fritzbox/Speedport → internet)
    Protocol: The DNS service can be activated for IPv4 or IPv6 addresses only, or both IPv4 and IPv6.

    Fallback

    Fallback
    Fallback interface     Interface that takes over for the main interface in the event of a malfunction.
    The absence of malfunctions is checked by ping-checking a host.
    See the separate article on Fallback for this.    		 UTM v12.2 Netzwerkkonfiguration VLAN Fallback-en.png
    Tab Fallback
    Ping-check Host 195.243.137.26 Host on which the ping check should be performed.
    This can also be a host in the internal network if necessary.
    (Here the DNS servers of DENIC in Hamburg and Munich).
    Ping-check Intervall 5Link= Period between ping attempts
    Ping-check Threshold 4Link= Attempts Number of failed ping attempts before switching to the fallback interface.
    Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/NET/VLAN_v12.1&oldid=88356"